Pages

Saturday, 19 October 2019

Deal or no deal part two

OK, I've done everything I can to prepare for a no-deal Brexit.

So now what do I do to prepare for a Brexit with the Boris deal? Nobody knows.

The Letwin Amendment says that Boris has to ask for an extension. Boris says "Non". Parliament say he has to. The last person who defied a clear order from parliament got decapitated. Perhaps that won't happen to Boris.

So, where are we?

Nobody knows.

Tuesday, 15 October 2019

PCI DSS

At last, I have a clean PCI DSS.

There's always been a few non-critical remarks in the test report, but this time around, I got a clean report.

To get rid of the report's uneasiness about the secure server accepting mail, I changed one line in sendmail.mc to

DAEMON_OPTIONS(`Port=smtp, Addr=127.0.0.1, Name=MTA')dnl

What that does, is disallow email from other servers. That's not a real vulnerability, but the PCI DSS report used to mention it. And I don't actually receive email on that sever, so it's no loss to me.

I also added these lines to my startup script.


iptables -I INPUT  -p icmp --icmp-type timestamp-request -j DROP
iptables -I OUTPUT -p icmp --icmp-type timestamp-reply   -j DROP


That stops people from finding out the date and time on my server. I don't see this as a big problem, because it's easy for people to see that my server is in the UK, and it's really easy to find out the time here. But, the PCI DSS report has always reported it as an information leakage. So I've blocked it.

Finally, there was a report that my certificate used SHA-256. It does, but only for the root certificate, and browsers dn't cheack SHA-256, they check the whole certificate. So that isn't a vulnerability at all, it's been a false positive for years, and each time I did a scan, I did a cut-and-paste of my explanation why it's a false positive, and they always accepted it. But now they've fixed their false positive!

That leaves only one thing in the report - that the server is accessible via https. Well yes, it is, because that's my Secure Server, and if all access to it is blockedd, it's as useful as a chololate teapot.


Thursday, 26 September 2019

Raspberry Pi 4 cooling

A lot of people seem to be saying that the Pi 4 runs too hot, and needs cooling. I thought of passive cooling, and started sawing up an old heat sink into small Pi-sized pieces, but that turned out to be more work than I'd thought. You can buy a Pi 4 set of four heat sinks on eBay for 99p. It's just aluminium with fins.

Then I thought, wait. I have innumerable small fans. I pulled out a 60 cm wide by 25 cm deep fan, because that seemed to be about the right size, blue-tacked it to the Pi (I didn't have any bolts that were long enough and thin enough),  then realised it needs 12 volts, and the Pi can only supply 3.3 or 5.

Not a problem. The way I power Pis, is by taking wires from the 12 volt power supply of a PC (usually a PC nearby), and running that over a power-over-ethernet cable to wherever the Pi is. Then I feed the 12 volts (more like 10 or 11 by the time it's run over all that wire) and use a voltage stepper-downer (eBay, £1) to take it to 5.5 volts, which I feed into the Pi.

So I took that 12 volts feed, and fed it onto the fan. The fan is almost silent (I can hear it if I get really close to it and listen really carefully) and brought the Pi temperature down from 56C to 39C. Which means that I can now try to overclock it!

Sunday, 22 September 2019

Democracy

Imagine a system of government where important issues are voted on, but once that vote is done, the issue can never be revisited. Imagine a situation where if the Nationalist Social British Worker's Party is voted into power, it can never be voted out again.

Imagine a situation where the electorate, once it has spoken, is not allowed to change its mind when the situation changes, or they discover that things are not happening as promised.

Imagine that, when some people who want to change things, are told "No, we voted on that years ago, so it has to be like that from now on."

And then imagine how it feels when, people who want change and are willing to have a democratic vote for change, are told "No, we had a vote on that once before, so we can't have a vote again, even though we have now found information that has led us to change our minds"

When the General Election happens (probably in the next few months), I will be voting Liberal Democrat. I haven't forgotten their past incompetence, but that is insignificant compared to the appalling mess that is Tory, Labour, UKIP or Brexit. Because they've found a way out of the mess that those parties got us into, and the way out is simple.

Revoke article 50. End the nightmare of Brexit, and we can dump the way that one single issue has dominated politics to the exclusion of all other issues, and get back to tackling all the other issues in this country.



Friday, 20 September 2019

Deal or no deal?

I've started seeing the advertising. "Prepare for a no-deal Brexit."

I've also seen that a no-deal Brexit would be illegal, since Parliament passed a law to say so.

So I'm supposed to prepare for something illegal?

I checked out the government's web site. They're saying that if there's no deal, then I'm bound by the VAT laws of the EU.

Wait, what? What happened to "clean break"? What happened to "Take back control"? I'm being told that, if there is no deal (which would be illegal) then I have to register with the VAT authorities of an EU country (I can choose which) so that I can pay VAT on digital sales to EU countries, to the EU country who made the purchase.

I really don't understand this. Canada (for example) has a VAT (they call it GST), but no-one has ever suggested that I have to send money to Canada for sales made to Canadians. Likewise every other foreign country. So, under no-deal (which is illegal), the EU becomes 27 foreign countrues. Why do I have to obey their tax laws?

But, maybe this won't happen, since no-deal is illegal.

I shall have to consult my accountant, and get a written opinion. That way, if they're wrong, I can point the finger at the accountant.

On October 31st, something might or might not happen. If it happens, no-one knows what the result will be. If it doesn't happen, no-one knows what the result will be.

I'm as ready as I'll ever be. Are you?

Thursday, 19 September 2019

This email appeared in 3 known data breaches.

Firefox gave me this warning.



Evite is an email greeting card site. I've never used this, but I'm guessing that someone sent me an e-card, which gave them my email address.

Moneybookers I have used, but not for a very, very long time, and with a very long password, and they aren't saying that was collected.

Verifications.io? That web site doesn't exist, and I've never used it in the past.

Another of my email addresses was compromised at LinkedIn. I already knew about that, because I've been getting spam claiming that they know my password, and giving the password that I used there a long time ago.

You can check your email address at https://monitor.firefox.com/scan




Make sure that you don't use the same password on different web sites.

Saturday, 14 September 2019

50 followers!

I've reached 50 followers. That's about four dozen more than I expected when I started this blog. And 1.5 million page views. Wow.

So what is the purpose of this blog. It's kind of like a journal, in which I post things that I've done, things that have happened, thoughts that I've thought

So thanks to the 48 unexpected followers, and here's to the next 50!